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Abstract 
This document specifies how to interconnect a pair of Transparent 
Interconnection of Lots of Links (TRILL) switch ports using 
pseudowires under existing TRILL and Pseudowire Emulation End-to-End 
(PWE3) standards. 
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1. Introduction 


The Transparent Interconnection of Lots of Links (TRILL) protocol 
[RFC6325] provides optimal pair-wise data frame routing without 
configuration in multi-hop networks with arbitrary topology. TRILL 
supports multipathing of both unicast and multicast traffic. Devices 
that implement TRILL are called TRILL switches or Routing Bridges 
(RBridges). 


Links between TRILL switches can be based on arbitrary link 
protocols, for example, PPP [RFC6361], as well as Ethernet [RFC6325]. 
A set of connected TRILL switches together form a TRILL campus that 
is bounded by end stations and Layer 3 routers. 
This document specifies how to interconnect a pair of TRILL switch 
ports using a pseudowire under existing TRILL and PWE3 (Pseudowire 
Emulation End-to-End) standards. 
1.1. Conventions Used in This Document 

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", “SHALL NOT", 
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 
"OPTIONAL" in this document are to be interpreted as described in 
[RFC2119]. 
Acronyms used in this document include the following: 

IS-IS - Intermediate System to Intermediate System [IS-IS] 

MPLS - Multi-Protocol Label Switching 

PPP - Point-to-Point Protocol [RFC1661] 


PW - Pseudowire [RFC3985] 
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PWE3 - PW Emulation End-to-End 
RBridge - Routing Bridge, an alternative name for a TRILL switch 
TRILL - Transparent Interconnection of Lots of Links [RFC6325] 
TRILL Switch - A device implementing the TRILL protocol 

2. PWE3 Interconnection of TRILL Switches 


When a pseudowire is used to interconnect a pair of TRILL switch 
ports, a PPP [RFC4618] pseudowire is used as described below. The 
pseudowire between such ports can be signaled [RFC4447] or manually 
configured. In this context, the TRILL switch ports at the ends of 
the pseudowire are acting as native service processing (NSP) elements 
[RFC3985] and, assuming that the pseudowires are over MPLS or IP 
[RFC4023] networks, as label switched or IP routers at the TRILL 
switch ports. 


Pseudowires provide transparent transport, and the two TRILL switch 
ports appear directly interconnected with a transparent link. With 
such an interconnection, the TRILL adjacency over the link is 
automatically discovered and established through TRILL IS-IS control 
messages [RFC7177]. 


A pseudowire is carried over a packet switched network tunnel 
[RFC3985], for example, an MPLS or MPLS-TP label switched path tunnel 
in MPLS networks. Either a signaling protocol or manual 
configuration can be used to configure a label switched path tunnel 
between two TRILL switch ports. This application needs no additions 
to the existing pseudowire standards. 


2.1. PWE3 Type-Independent Details 


The sending pseudowire TRILL switch port SHOULD map the inner 
priority of the TRILL Data packets being sent to the Traffic Class 
field of the pseudowire label [RFC5462] so as to minimize the 
probability that higher priority TRILL Data packets will be discarded 
due to excessive TRILL Data packets of lower priority. 


TRILL IS-IS PDUs critical to establishing and maintaining adjacency 
(Hello and MTU PDUs) SHOULD be sent with the MPLS Traffic Class that 
calls for handling with the maximum priority. Other TRILL IS-IS PDUs 
SHOULD be sent with the MPLS Traffic Class denoting the highest 
priority that is less than the maximum priority. TRILL Data packets 
SHOULD be sent with appropriate MPLS Traffic Classes, typically 
mapped from the TRILL Data packet priority, such that TRILL Data 
packet Traffic Classes denote priorities less than the priorities 
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used for TRILL IS-IS PDUs. This minimizes the probability of other 
traffic interfering with these important control PDUs and causing 
false loss of adjacency or other control problems. 


If a pseudowire supports fragmentation and reassembly (a feature that 
has received little or no deployment), then there is no reason to do 
TRILL MTU testing on it, and the pseudowire will not be a constraint 
on the TRILL campus-wide MTU size (Sz) (see Section 4.3.1 of 
[RFC6325]). If the pseudowire does not support fragmentation (the 
more common case), then the available TRILL IS-IS packet payload size 
over the pseudowire (taking into account MPLS encapsulation with a 
control word) or some lower value, MUST be used in helping to 
determine MTU size (Sz) (see Section 5 of [RFC7180]). 


An intervening MPLS label switched router or similar packet switched 
network device has no awareness of TRILL. Such devices will not 
change the TRILL Header hop count. 


2.2. PPP PWE3 Transport of TRILL 


For a PPP pseudowire (PW type = 0x0007), the two TRILL switch ports 
being connected are configured to form a pseudowire with PPP 
encapsulation [RFC4618]. After the pseudowire is established and 
TRILL use is negotiated within PPP, the two TRILL switch ports appear 
directly connected with a PPP link [RFC1661] [RFC6361]. 


If pseudowire interconnection of two TRILL switch ports is signaled 
[RFC4447], the initiating TRILL switch port MUST attempt the 
connection setup with pseudowire type PPP (0x0007). 


Behavior for TRILL with a PPP pseudowire continues to follow that of 
TRILL over PPP as specified in Section 3 of [RFC6361]. 
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The following figures show what a TRILL Data packet and TRILL IS-IS 
packet look like over such a pseudowire in the MPLS case, assuming no 
TRILL Header extensions: 


+-------------------------------- + 

| Server MPLS Tunnel Label(s) | n*4 octets (4 octets per label) 
+-------------------------------- - 

| PW Label | 4 octets 
+-------------------------------- - 

| Control Word | 4 octets 
+-------------------------------- + 

| PPP Header 0x005d | 2 octets 
+-------------------------------- + 

| TRILL Header | 6 octets 
——— + 

| Destination MAC Address | 6 octets 
+-------------------------------- - 

| Source MAC Address | 6 octets 
+-------------------------------- + 

| Data Label | 4 or 8 octets 
+-------------------------------- + 

| Payload Body | variable 
+-------------------------------- + 


Figure 1: TRILL Data Packet in Pseudowire 


"Data Label" is the VLAN Label or Fine-Grained Label [RFC7172] of the 
payload. 


4$-------------------------------- + 

| Server MPLS Tunnel Label(s) | n*4 octets (4 octets per label) 
pA + 

| PW Label | 4 octets 
4-------------------------------- + 

| Control Word | 4 octets 
pet a E E O E + 

| PPP Header 0x405d | 2 octets 
PRS SSeS See + 

| Common IS-IS Header | 8 octets 
å Hk TE ee + 

| IS-IS PDU Type Specific Header | variable 
+-------------------------------- + 

| IS-IS TLVs | variable 
4-------------------------------- + 


Figure 2: TRILL IS-IS Packet in Pseudowire 
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The PPP Header fields (0x005d and 0x405d, respectively) for TRILL 
Data and IS-IS packets shown above are specified in [RFC6361]. 


3. Security Considerations 


TRILL-level security mechanisms, such as the ability to use 
authentication with TRILL IS-IS PDUs [RFC6325], are not affected by 
link technology, such as the use of pseudowire links as specified in 
this document. 


Link security may be useful in improving TRILL campus security. 

TRILL is transported over pseudowires as TRILL over PPP over 
pseudowires, pseudowires are over MPLS or IP, and MPLS and IP are 
over some lower-level link technology. Thus, link security below the 
TRILL level for a pseudowire link could be provided by PPP security, 
pseudowire security, MPLS or IP security, or security of the link 
technology supporting MPLS or IP. 


PPP TRILL security considerations are discussed in [RFC6361]. For 
security considerations introduced by carrying PPP TRILL links over 
pseudowires, see [RFC3985], which discusses the risks introduced by 
sending protocols that previously assumed a point-to-point link ona 
pseudowire built on a packet switched network (PSN). However, the 
PPP layer in TRILL transport by pseudowire is somewhat vestigial and 
intended primarily as a convenient way to use existing PPP code 
points to identify TRILL Data packets and TRILL IS-IS packets. 
Furthermore, existing PPP security standards are arguably 
questionable in terms of current security criteria. For these 
reasons, it is NOT RECOMMENDED to use PPP security in the transport 
of TRILL by pseudowires as specified in this document. 


It is RECOMMENDED that link security be provided at the layers 
supporting pseudowires transporting TRILL, that is, at the MPLS or IP 
layer or the link layer transporting MPLS or IP. 


For applications involving sensitive data, end-to-end security should 
always be considered, in addition to link security, to provide 
security in depth. In this context, such end-to-end security should 
be between the end stations involved so as to protect the entire path 
to, through, and from the TRILL campus. 


For general TRILL protocol security considerations, see [RFC6325]. 
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Appendix A. Use of Other Pseudowire Types 


This informational appendix briefly discusses the use of pseudowire 
types other than PPP for the transport of TRILL. 


The use of Ethernet pseudowires [RFC4448] was examined by the authors 
and would be possible without change to such pseudowires; however, 
this would require an additional 12 or 16 bytes per packet within the 
payload being transmitted over the pseudowire for a TRILL Data packet 
(Figure 3) and a TRILL IS-IS packet (Figure 4) over such an Ethernet 
pseudowire in the MPLS case, assuming no TRILL Header extensions 
(compare with Figures 1 and 2): 


+-------------------------------- + 

| Server MPLS Tunnel Label(s) | n*4 octets (4 octets per label) 
+-------------------------------- + 

| PW Label | 4 octets 
+-------------------------------- + 

| Optional Control Word | 4 octets 
+-------------------------------- + 

| TRILL Hop Dest. MAC Address | 6 octets 
+-------------------------------- + 

| TRILL Hop Source MAC Address | 6 octets 
+-------------------------------- + 

|Optional VLAN and/or other tags | variable 
+-------------------------------- + 

| TRILL Ethertype (0x22f3) | 2 octets 
+-------------------------------- + 

| TRILL Header | 6 octets 
+-------------------------------- + 

| Destination MAC Address | 6 octets 
+-------------------------------- + 

| Source MAC Address | 6 octets 
+-------------------------------- + 

| Data Label | 4 or 8 octets 
+-------------------------------- + 

| Payload Body | variable 
+-------------------------------- + 


Figure 3: TRILL Data Packet in Ethernet Pseudowire 


"Data Label" is the VLAN Label or Fine-Grained Label [RFC7172] of the 
payload. 
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å sie EE SN EE ET EV KE + 

| Server MPLS Tunnel Label(s) | n*4 octets (4 octets per label) 
fos A E a + 

| PW Label | 4 octets 
ta === =——————————=——=—=—=——=—== + 

| Optional Control Word | 4 octets 
toa == =—————————————————=—== + 

| TRILL Hop Dest. MAC Address | 6 octets 
fans == =——————————==————=——=—== + 

| TRILL Hop Source MAC Address | 6 octets 
+—======= === == =—————=———————=——————=— + 

|Optional VLAN and/or other tags | variable 
tan + 

| Layer 2 IS-IS Ethertype 0x22f4 | 2 octets 
+—======= aa + 

| Common IS-IS Header | 8 octets 
Fann ESAN EE SE + 

| IS-IS PDU Type Specific Header | variable 
E T N E + 

| IS-IS TLVs | variable 
E ET EE DEE E ET E + 


Figure 4: TRILL IS-IS Packet in Ethernet Pseudowire 


It would also be possible to specify a new pseudowire type for TRILL 
traffic, but the authors feel that any efficiency gain over PPP 
pseudowires would be too small to be worth the complexity of adding 
such a specification. Furthermore, using PPP pseudowire encoding 
means that any traffic dissector that understands TRILL PPP encoding 
[RFC6361] and PPP pseudowires [RFC4618] will automatically be able to 
recursively decode TRILL transported by pseudowire. 
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